USN-6012-1: Smarty vulnerability

USN-6012-1: Smarty vulnerability

It was discovered that Smarty incorrectly parsed blocks’ names and
included files’ names. A remote attacker with template writing permissions
could use this issue to execute arbitrary PHP code. (CVE-2022-29221)
Source: USN-6012-1: Smarty vulnerability